Hi, I'm Amat.

This blog is about CTFs and Vulnerability Research.

Introduction In march 2017, I took part in the pwn2own contest with team Chaitin Security Research Lab. The target I was focused on was VMware Workstation Pro and we managed to get a working exploit before the contest. Unfortunately, a version of VMware was released on March 14th, the day before the contest, with a patch for the vulnerability our e…

Introduction A few weeks ago, a couple of friends and I decided to take a look at the PS Vita in order to see if we could exploit it in any way. Since I didn't really have an idea where to start, I did some research in order to get some information about the Vita. I fell on an interesting blog post which seemed to indicate that looking at Webkit vu…

I had a lot of fun playing HITCON CTF this weekend so I decided I would make writeups for the challenges I worked on. In this post I provide my solutions for callme, rsbo, ty and sha1lcode. Since stkof was a more serious binary, I decided to make a seperate post for it which can be found here. callme callme: ELF 32-bit LSB executable, Intel 80386,…

This past weekend I took part in the Defcon Quals 2014 and one of the challenges I worked on that I really liked was the "turdedo" (Selir 3) challenge so I decided to make a writeup for it. I worked on this challenge with @zardus and @antoniob. Description The challenge claims to implement the teredo IPv6 tunneling protocol. I had never heard of th…